Confidentiality: prevent unauthorized disclosure of information
privacy: protection of private data
secrecy: protection of organizational data
Integrity: prevent unauthorized modification of information
Preventing unauthorized writing or modifications
Access control
Availability: prevent unauthorized withholding of information
Services are accessible and useable (without undue delay) whenever needed by an authorized entity
NLR
FTP- "File Transfer Protocol." It is a common method of transferring files via the Internet from one computer to another
Bit- is the basic unit of information in computing and telecommunications
P2P-computer systems which are connected to each other via the Internet. Files can be shared directly between systems on the network
Cookie- a small amount of data generated by a website and saved by your web browser
Phishing -Trying to obtain personal information over the internet. A security attack that relies on social engineering.
Worm -A software program capable of reproducing itself that can spread from one computer to the next over [[#|a network]]
[[#|VPN]] -Enables a host computer to send and receive data across shared or public networks as if it were a private network with all the functionality, security and management policies of the private network.
PGP -A data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication
Audit Log -A security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event
Availability-A general term that is used to describe the amount of time over a one-year period that the system resources is available in the wake of component failures in the system
Encryption -The translation of data into a secret code. It is the most effective way to achieve data security. To read one of these files, you must have access to a password that enables you toe decrypt it.
Wireless N -An extension to 802.11 specification developed by the IEEE for [[#|wireless LAN]] technology
Backbone -Another term for bus, the main wire that connects to nodes. The term is often used to describe the main network connections composing the Internet
Router -A device that forwards data packets along networks. It is connected to at least two networks and are located at gateways, the places where two or more networks connect
Relevance -Denotes how well a retrieved documents or set of documents meets the information need of the user
Torrent -A file distribution system used for transferring files across a network of people. As you download a file, BitTorrent places what you download on upload for other users.
Packet Jam -Refers to packets that are delayed resulting in a document that cannot be reassembled or displayed.
Buffer Overflow -When data transferred to a buffer exceeds the storage capacity of the buffer and some of the data "overflows" into another buffer, one that the data was not intended to go in. This can cause corrupt data.
Logic Bomb -Programming code added to the software of an [[#|application]] or operating system that lies dormant until a predetermined period of time or event occurs, triggering the code into action. Typically are malicious in intent, acting in the same ways as a virus of Trojan horse once activated.
Social Engineering -The act of obtaining or attempting to obtain otherwise secures data by conning an individual into revealing secure information.
Strong Passwords -A passwords that is difficult to detect by both humans and computer [[#|programs]]. Consists of at least six characters that are a combination of letters, numbers and symbols, and is case-sensitive.
Confidentiality -Discretion in keeping secret information
Authentication -The process of identifying and individual, usually based on a username and password. Ensures that the individual is who he/she claims to be.
[[#|Wireless]] G -A 54 Mbps wireless networking standard that has become popular due to its speed advantage over the widely used Wireless-B standard
Switch -In networks, a device that filters and forwards packets between LAN segments. These operate at the data link layer and sometimes the network layer of the OSI Reference Model and therefore support any packet protocol.
Internet 2 -A testing-ground networking environment where universities, companies, and government laboratories work together and develop advanced Internet technologies such as telemedicine, digital libraries and virtual laboratories.
TCP/IP -The suite of communications protocols used to connect hosts on the Internet.
Popularity -The term used to describe the value of a web site.
Broadband -The term used to describe a type of data transmission in which a single wire can carry several channels at once.
IP address -An identifier for a computer or device on a TCP/IP network.
Virus -A software program capable of reproducing itself and usually capable of causing great harm to files or other programs on the same computer
Firewall -Used to prevent unauthorized Internet users from accessing private networks connected to the Internet. It can either be a packet filter, application gateway, circuit-level gateway, or a proxy sever.
Spam -Electronic junk mail
PKI -A system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. Necessary for electronic commerce (buying stuff online)
Integrity -The assurance that information can only be accessed or modified by those authorized to do so.
DNS -An Internet service that translates domain names into IP addresses.
Hub -
A common connection point for devices in a network. Commonly used to connect segments of a LAN. Contains multiple ports, and when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all the packets
LAN -A computer network that spans a relatively small area. Each node (individual computer) in a LAN has its own CPU with which it executes programs, but it also is able to access data and devices anywhere on the LAN.
NLR -An unfettered resource for research and commercial innovation, that it is the only national fiber optic network in the world that hosts research traffic from universities and government agencies alongside data from corporations, and that this has catalyzed regional broadband development around the country
FTP -The protocol for exchanging files over the Internet. It uses the Internet's TCP/IP protocols to enable data transfer
Bit -The smallest unit of information on a machine
P2P -Peer-to-peer software that permits direct Internet-based communication. Collaboration between two or more personal computers while bypassing centralized servers.
Cookie -A message given to a Web browser by a Web server. The browser stores the message in a text file. The message is then sent back to the server each time the browser requests a page from the server.
How to Achieve Computer Security
Security principles/concepts: explore general principles/concepts that can be used as a guide to design secure information processing systems
Security mechanisms: explore some of the security mechanisms that can be used to secure information processing systems
Physical/organizational security: consider physical and organizational security measures
Security Defined: CIA
Confidentiality: prevent unauthorized disclosure of information
Integrity: prevent unauthorized modification of information
Availability: prevent unauthorized withholding of information
Phishing - the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication
Worm - a standalone malware computer program that replicates itself in order to spread to other computers
VPN - A virtual private network (VPN) extends a private network and the resources contained in the network across public networks like the Internet. It enables a host computer to send and receive data across shared or public networks as if it were a private network
PGP - Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.
Audit Log - An audit trail (or audit log) is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event
Availability - availability is the proportion of time a system is in a functioning condition.
Encryption - encryption is the process of encoding messages (or information) in such a way that eavesdroppers or hackers cannot read it, but that authorized parties can
Wireless N - cs an amendment to the IEEE 802.11-2007 wireless networking standard to improve network throughput over the two previous standards—802.11a and 802.11g—with a significant increase in the maximum net data rate from 54 Mbit/s to 600 Mbit/s
Backbone - The Internet backbone refers to the principal data routes between large, strategically interconnected networks and core routers on the Internet. These data routes are hosted by commercial, government, academic and other high-capacity network centers,
Router - is a device that forwards data packets between computer networks, creating an overlay internetwork.
Relevance - This field has considered when documents (or document representations) retrieved from databases are relevant or non-relevant. Given a conception of relevance, two measures have been applied: Precision and recall:
Torrent - Within BitTorrent, a torrent file is a computer file that contains metadata about the files to be shared and about the tracker, the computer that coordinates the file distribution.
Packet Jam - refers to packets that are delayed resulting in document that cannot be reassembled and displayed. Packet jam are often resolved by pressing ‘stop’ and reloading which request a fresh copy of the document and likely to be sent without jamming.
Buffer Overflow - is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety.
Logic Bomb-failure occurs when certain conditions are met
Social Engineering- The act of obtaining or attempting to obtain otherwise secures data by conning an individual into revealing secure information.
Strong Passwords- A passwords that is difficult to detect by both humans and computer programs. Consists of at least six characters that are a combination of letters, numbers and symbols, and is case-sensitive.
Wireless G- A 54 Mbps wireless networking standard that has become popular due to its speed advantage over the widely used Wireless-B standard
Switch-In networks, a device that filters and forwards packets between LAN segments. These operate at the data link layer and sometimes the network layer of the OSI Reference Model and therefore support any packet protocol.
Internet 2- A testing-ground networking environment where universities, companies, and government laboratories work together and develop advanced Internet technologies such as telemedicine, digital libraries and virtual laboratories.
TCP/IP- The suite of communications protocols used to connect hosts on the Internet.
Popularity- The term used to describe the value of a web site.
Broadband-The term used to describe a type of data transmission in which a single wire can carry several channels at once.
IP address- An identifier for a computer or device on a TCP/IP network.
[[#|Internet Service]] Providers Will Start to Warn Customers about Illegal Downloads
The Copyright Alert System was announced last July and has been four years in the making.
This new alert system will be rolled out in the last two months (as of October 2012) and will repeatedly warn and possibly punish people who violate digital copyrights.
Service providers participating in the first wave will be AT&T, Cablevision, Comcast, Time Warner and Verizon.
Service providers will deliver the message; copyright owners will monitor peer-to-peer networks such as BitTorrent.
MarkMonitor is the service that makes it all possible. It uses a combination of people and an automated system to spot illegal downloads. It will collect the IP addresses of offenders and turn them over to service providers.
The warning systems is described a graduated response. The order is as follows:
1. Let the customer know that their Internet connection is being used to download content illegally. It will have tips on how to secure internet connections, and how to download content legally.
2. Customers will be asked to acknowledge that they received the warning.
3. Mild punishments will be issued such as: forcing the copyright violator to read “educational materials” or slowing down their internet connection so its harder to download large files.
Customers may ask for a review if they feel wrongly accused for $35.
The system will be overseen by an organization called the Center for Copyright Information, which includes Motion Picture Association of America and Recording Industry of Arica, Disney, Sony Pictures, Fox, EMI, and Universal
Reliability – deals with accidental damage (do you get consistent performance)
Dependability – reliance can be justifiably placed on the system (similar to integrity)
Survivability/Disaster Recovery/Business Continuity – deals with the recovery of the system after massive failure (especially after 9/11
Finding a Balance
Security policies interfere with working patterns, and can be very inconvenient
Require a focus on new workflows
Security mechanisms need additional computational resources
Security should be a forethought
Managing security requires additional effort and costs
ROI is hard to determine
Ideally, there should be a trade-off
Hardware
Hardware is more visible to criminals
It is easier to add/remove/change hardware devices, intercept traffic, flood devices with traffic, and in general control hardware devices’ functionality
Hardware is ignored in security training
Hardware can also be removed – VA laptop, DOD laptop, hard drives lost, etc.
Software
Interruption (deletion): surprisingly easy!
Modification:
Logic bomb – failure occurs when certain conditions are met
Buffer overflow – similar to logic or programming error
Virus – a specific Trojan horse that can be used to spread its “infection”
Worm – self-reproducing program (usually spreads through e-mails)
Trapdoor – a program that has a specific entry point
Interception (theft): unauthorized copying
Data
Data are readily accessible
Attacks on data are more widespread
Data are everywhere …. We give it away to everyone!
Fill out a credit card application, get a free waterbottle/coffee cup/t-shirt
What’s your zip code, your phone number, etc? Facebook apps/quizzes/contests; Twitter retweets
Attacks
United States Department of Commerce has compiled a list of the general categories of computer attacks (Security Glossary):
Remote or Local Penetration
Remote or Local DOS
Scanning (Ethereal)
Password Crackers
Sniffers
Protections
Basics
Firewall (Zone Alarm, Norton, hardware solutions)
Anti-virus (McAfee, Norton, Symantec)
Patches (automatic updates)
Strong passwords (> 20 characters)
Where is your data? How is it protected? Do you have it backed up?
Risk Assessment
A process of ………
Including a Business Impact Analysis
Identifying assets and ranking them
Identifying risks and ranking them
Associating specific risks with critical assets
Recommending actions to be taken
Don’t assume physical security!!!!
VA laptop, DOD laptop, Los Alamos HD issue
Why steal just the data when you can steal the hardware?
Faculty offices, student laptops in libraries
Use strong passwords on all accounts
More than 20 characters
Limited by keyboard
Under 14 characters is “crackable”
Your password is a very important secret
Select one you can remember (new rules)
You can remember a long password (Peter Henry Thesis)
Technology Approaches
Operating system software
Keep it updated with necessary patches
Patching
Make sure your computer has the latest operating system release
Auto setting is the best!
New security bugs are discovered all the time
Remember the CERT website
Firewall (hardware or software) – permits passage of data based on security policies
Virtual Private Network (VPN) – private communications over public networks (secured through authentication, cryptography, tunneling protocols) using ipsec (IP Security), SSL (tunneling), and others …
Web Sites
Understand that e-mail is not secure.
KaZaA, etc. turned your computer into a distributor so that people can download from your machine!
NOTE: 45% of free files collected by KaZaA contained viruses, Trojan horse programs and backdoors.
Sometimes you don’t even know you are responsible for security violations
your computer gets hacked and is used to hack others (you have no idea its being done).
Email & Social Engineering
E-mail:
A day-to-day necessity in our educational environment
We take it for granted
Social Engineering
“Smooth-talking your way into a system”
Common types of social engineering:
Impersonation / Important user / Pre-texting
You can find out information on Facebook / MySpace
The technical and managerial measures designed to ensure the confidentiality, possession/control, integrity, authenticity, availability, and utility of information and information systems. This term originated with government usage and is sometimes synonymous with information security.
privacy: protection of private data
secrecy: protection of organizational data
Integrity: prevent unauthorized modification of information
Preventing unauthorized writing or modifications
Access control
Availability: prevent unauthorized withholding of information
Services are accessible and useable (without undue delay) whenever needed by an authorized entity
A common connection point for devices in a network. Commonly used to connect segments of a LAN. Contains multiple ports, and when a packet arrives at one port, it is copied to the other ports so that all segments of the LAN can see all the packets
- Phishing - the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication
- Worm - a standalone malware computer program that replicates itself in order to spread to other computers
- VPN - A virtual private network (VPN) extends a private network and the resources contained in the network across public networks like the Internet. It enables a host computer to send and receive data across shared or public networks as if it were a private network
- PGP - Pretty Good Privacy (PGP) is a data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication.
- Audit Log - An audit trail (or audit log) is a security-relevant chronological record, set of records, or destination and source of records that provide documentary evidence of the sequence of activities that have affected at any time a specific operation, procedure, or event
- Availability - availability is the proportion of time a system is in a functioning condition.
- Encryption - encryption is the process of encoding messages (or information) in such a way that eavesdroppers or hackers cannot read it, but that authorized parties can
- Wireless N - cs an amendment to the IEEE 802.11-2007 wireless networking standard to improve network throughput over the two previous standards—802.11a and 802.11g—with a significant increase in the maximum net data rate from 54 Mbit/s to 600 Mbit/s
- Backbone - The Internet backbone refers to the principal data routes between large, strategically interconnected networks and core routers on the Internet. These data routes are hosted by commercial, government, academic and other high-capacity network centers,
- Router - is a device that forwards data packets between computer networks, creating an overlay internetwork.
- Relevance - This field has considered when documents (or document representations) retrieved from databases are relevant or non-relevant. Given a conception of relevance, two measures have been applied: Precision and recall:
- Torrent - Within BitTorrent, a torrent file is a computer file that contains metadata about the files to be shared and about the tracker, the computer that coordinates the file distribution.
- Packet Jam - refers to packets that are delayed resulting in document that cannot be reassembled and displayed. Packet jam are often resolved by pressing ‘stop’ and reloading which request a fresh copy of the document and likely to be sent without jamming.
- Buffer Overflow - is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety.
Logic Bomb-failure occurs when certain conditions are met[[#|Internet Service]] Providers Will Start to Warn Customers about Illegal Downloads
The Copyright Alert System was announced last July and has been four years in the making.
This new alert system will be rolled out in the last two months (as of October 2012) and will repeatedly warn and possibly punish people who violate digital copyrights.
Service providers participating in the first wave will be AT&T, Cablevision, Comcast, Time Warner and Verizon.
Service providers will deliver the message; copyright owners will monitor peer-to-peer networks such as BitTorrent.
MarkMonitor is the service that makes it all possible. It uses a combination of people and an automated system to spot illegal downloads. It will collect the IP addresses of offenders and turn them over to service providers.
The warning systems is described a graduated response. The order is as follows:
1. Let the customer know that their Internet connection is being used to download content illegally. It will have tips on how to secure internet connections, and how to download content legally.
2. Customers will be asked to acknowledge that they received the warning.
3. Mild punishments will be issued such as: forcing the copyright violator to read “educational materials” or slowing down their internet connection so its harder to download large files.
Customers may ask for a review if they feel wrongly accused for $35.
The system will be overseen by an organization called the Center for Copyright Information, which includes Motion Picture Association of America and Recording Industry of Arica, Disney, Sony Pictures, Fox, EMI, and Universal
- Reliability – deals with accidental damage (do you get consistent performance)
- Dependability – reliance can be justifiably placed on the system (similar to integrity)
- Survivability/Disaster Recovery/Business Continuity – deals with the recovery of the system after massive failure (especially after 9/11
- Finding a Balance
- Security policies interfere with working patterns, and can be very inconvenient
- Require a focus on new workflows
- Security mechanisms need additional computational resources
- Security should be a forethought
- Managing security requires additional effort and costs
- ROI is hard to determine
- Ideally, there should be a trade-off
Hardware- Hardware is more visible to criminals
- It is easier to add/remove/change hardware devices, intercept traffic, flood devices with traffic, and in general control hardware devices’ functionality
- Hardware is ignored in security training
- Hardware can also be removed – VA laptop, DOD laptop, hard drives lost, etc.
Software- Interruption (deletion): surprisingly easy!
- Modification:
- Logic bomb – failure occurs when certain conditions are met
- Buffer overflow – similar to logic or programming error
- Virus – a specific Trojan horse that can be used to spread its “infection”
- Worm – self-reproducing program (usually spreads through e-mails)
- Trapdoor – a program that has a specific entry point
- Interception (theft): unauthorized copying
Data- Data are readily accessible
- Attacks on data are more widespread
- Data are everywhere …. We give it away to everyone!
- Fill out a credit card application, get a free waterbottle/coffee cup/t-shirt
- What’s your zip code, your phone number, etc? Facebook apps/quizzes/contests; Twitter retweets
- Attacks
- United States Department of Commerce has compiled a list of the general categories of computer attacks (Security Glossary):
- Remote or Local Penetration
- Remote or Local DOS
- Scanning (Ethereal)
- Password Crackers
- Sniffers
- Protections
- Basics
- Firewall (Zone Alarm, Norton, hardware solutions)
- Anti-virus (McAfee, Norton, Symantec)
- Patches (automatic updates)
- Strong passwords (> 20 characters)
- Where is your data? How is it protected? Do you have it backed up?
Risk Assessment- A process of ………
- Including a Business Impact Analysis
- Identifying assets and ranking them
- Identifying risks and ranking them
- Associating specific risks with critical assets
- Recommending actions to be taken
- Don’t assume physical security!!!!
- VA laptop, DOD laptop, Los Alamos HD issue
- Why steal just the data when you can steal the hardware?
- Faculty offices, student laptops in libraries
- Use strong passwords on all accounts
- More than 20 characters
- Limited by keyboard
- Under 14 characters is “crackable”
- Your password is a very important secret
- Select one you can remember (new rules)
- You can remember a long password (Peter Henry Thesis)
- Technology Approaches
- Operating system software
- Keep it updated with necessary patches
- Patching
- Make sure your computer has the latest operating system release
- Auto setting is the best!
- New security bugs are discovered all the time
- Remember the CERT website
- Firewall (hardware or software) – permits passage of data based on security policies
- Virtual Private Network (VPN) – private communications over public networks (secured through authentication, cryptography, tunneling protocols) using ipsec (IP Security), SSL (tunneling), and others …
Web Sites- Understand that e-mail is not secure.
- KaZaA, etc. turned your computer into a distributor so that people can download from your machine!
- NOTE: 45% of free files collected by KaZaA contained viruses, Trojan horse programs and backdoors.
- Sometimes you don’t even know you are responsible for security violations
- your computer gets hacked and is used to hack others (you have no idea its being done).
Email & Social EngineeringE-mail:
- A day-to-day necessity in our educational environment
- We take it for granted
Social Engineering- “Smooth-talking your way into a system”
- Common types of social engineering:
- Impersonation / Important user / Pre-texting
- You can find out information on Facebook / MySpace
- Surplus equipment, Tallahassee (Cash for Trash)
- War-driving & dumpster diving
Solutions* None! (Well, none that are completely secure.)
* Assume you will be compromised.
* The task is to get back up and running.
* http://security.fsu.edu/
* Reporting
* Setting up VPN at FSU
* Subscribe to CERT
* Subscribe to US-CERT
Getting a Job